Verizon and the Metropolitan Water District of Southern California were two high-value targets hit by a suspected Chinese-backed hack that was first brought to the public’s attention in April, the Associated Press reported.
Pulse Connect Secure networking devices are used by many companies and governments to allow secure remote access to their networks and those were the targets of the hacks. The Chinese government was suspected of backing the hacks, but China has denied any role.
Verizon, which has over 120 million subscribers through Verizon Wireless, said a Pulse-related compromise was found in one of its labs. The hack was quickly dealt with, and Verizon said no data or customer information had been accessed or stolen.
“We know that bad actors try to compromise our systems,” said Verizon spokesman Rich Young. “That is why internet operators, private companies and all individuals need to be vigilant in this space.”
The Metropolitan Water District of Southern California, the country’s largest water agency, provides water to 19 million people and operates some of the largest treatment plants worldwide, reported it also found a compromised device after an alert issued in April.
The device was immediately removed from service and spokeswoman Rebecca Kimitch said there was “no known data exfiltration” and no systems or processes were known to be affected.
The Associated Press reported earlier this month that the country’s largest subway system in New York City was also breached during the hack.
For more reporting from the Associated Press, see below.
Security researchers say dozens of other high-value entities that have not yet been named were also targeted as part of the breach of Pulse Secure.
It’s unclear what sensitive information, if any, was accessed. Some of the targets said they did not see any evidence of data being stolen. That uncertainty is common in cyberespionage and it can take months to determine data loss,…